CVE-2018-13382

CVE-2018-13382 — An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.

📅 2019-06-04

🔴 Critical 🔥 Yes NVD Exploit Fortinet CVSS 9.1 🎯 EPSS 87.08%

📋 الوصف الكامل

An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests

💻 الأنظمة المتأثرة

Fortinet FortiOS | Fortinet | Apple iOS

⚠️ نوع التهديد

Exploit

🔗 CVE ID

CVE-2018-13382

📡 المصدر

NVD

✅ الحلول والتخفيف

Fortinet PSIRT Advisory

🔗 المصدر الأصلي ← 📘 NVD ← ⚡ CISA KEV ←